CVE-2023-53506

HIGH EPSS 4.9%
Published Oct 1, 20259mo ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Oct 1, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: udf: Do not bother merging very long extents When merging very long extents we try to push as much length as possible to the first extent. However this is unnecessarily complicated and not really worth the trouble. Furthermore there was a bug in the logic resulting in corrupting extents in the file as syzbot reproducer shows. So just don't bother with the merging of extents that are too long together.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
4.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥2.6.12.1  –  <4.14.308
linuxlinux_kernel*≥4.15  –  <4.19.276
linuxlinux_kernel*≥4.20  –  <5.4.235
linuxlinux_kernel*≥5.5  –  <5.10.173
linuxlinux_kernel*≥5.11  –  <5.15.99
linuxlinux_kernel*≥5.16  –  <6.1.16
linuxlinux_kernel*≥6.2  –  <6.2.3
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57
    Patch